- Darktrace is rated higher in 2 areas: Likelihood to Recommend, Support Rating
Likelihood to Recommend
I think if you manage a large number of mailboxes, you need a reliable solution to protect corporate email from any threat. This solution uses AI to analyze emails to check if they're safe or if it's a risk for the organization. It has a good UI (all in English), and the more you're using it, the more you get. There are a lot of metrics and indicators to help the email security admin.
If you need a network security forensic tool, this is a great fit. Scrutinizer collects everything you have configured as a target without losing data. If you need an in-depth analysis of your network flows, as in who is doing what with what this is a good fit. Scrutinizer translates a massive about of data into readable tables and reports.
- Monitors your network for unusual behaviour; as it learns what is normal for your network, you don't need to worry too much about things that are normal for your organisation, but might be considered odd in other places, triggering as alarms. It can also detect more subtle changes such as a device accessing a server but at an unusual time.
- There are a large number of models that are used to create the alerts, which can all be customised, and you can also create your own from scratch, to allow you to tailor it perfectly to your situation.
Engineer in Information TechnologyAviation & Aerospace Company, 501-1000 employees
- Once configured, Scrutinizer gives an accurate overview of network activity.
- Scrutinizer is able to collect flows from a variety of devices, you are not limited to Cisco.
- DSCP based reporting, which is helpful when attempting to determine how good your wireless network is from a QoS perspective.
- Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112).
- Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything.
- Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.
- The free version has some limitations that make an accurate evaluation difficult, every day at midnight the data is flushed and you start over.
- If you are purchasing the appliance, you won't have admin access to it.
- Reporting could use some polished graphics and advance filtering features.
Premium Consulting/Integration Services—
Entry-level set up fee?
Premium Consulting/Integration Services—
Entry-level set up fee?—
Based on 4 answers
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
Professional in Information TechnologyPrimary/Secondary Education Company, 1001-5000 employees
Based on 2 answers
Support is support, they are either there or they are not. Scrutinizer support has been there every time I've needed them. They rely a bit too much on email correspondence, sometimes I want a voice to tell me what to do, and fast
The Darktrace user interface was improved. Darktrace provides more metrics and more info to decide if an email is malicious or not in doubt case. Darktrace provides a lot of info about the email being analyzed, if there was a previous communication between both parts before for example, it's so easy to deploy.
Scrutinizer is a faster and simpler deployment while still delivering the tools and reports needed to gain accurate view traffic and network usage. Its cheaper than most alternatives and daily use is focused on understanding data, not making config changes so you can understand data. Risk reduction and elimination is the primary focus, Scrutinizer helps you do that.
Return on Investment
- Darktrace is covering some lack of security issues.
- Darktrace helps the company to follow some compliance obligations.
- Darktrace can't solve all issues. It needs to work with other Security tools (e.g Splunk).
- Scrutinizer is a great tool, extremely easy to implement, it lets you see your NetFlow without a large outlay.
- WAN traffic monitoring gives you the ability to accurately predict the necessary bandwidth volume, you can now stop over buying.